CVE-2006-4802

Currently unrated

Key Information:

Vendor: Symantec
Status: Client Security; Norton Antivirus
Vendor: CVE Published:; 14 September 2006

Summary

Format string vulnerability in the Real Time Virus Scan service in Symantec AntiVirus Corporate Edition 8.1 up to 10.0, and Client Security 1.x up to 3.0, allows local users to execute arbitrary code via an unspecified vector related to alert notification messages, a different vector than CVE-2006-3454, a "second format string vulnerability" as found by the vendor.

References

http://securitytracker.com/id?1016842

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/28937

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/19986

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Sep 14, 2006
Vulnerability Reserved
Sep 14, 2006